SMB3 mounts fail with access denied to some servers

We were checking incorrectly if signatures were required to be sent, so were always sending signatures after the initial session establishment. For SMB3 mounts (vers=3.0) this was a problem because we were putting SMB2 signatures in SMB3 requests which would cause access denied on mount (the tree connection would fail). This might also be worth considering for stable (for 3.7), as the error message on mount (access denied) is confusing to users and there is no workaround if the server is configured to only support smb3.0. I am ok either way. CC: stable <stable@kernel.org> Signed-off-by: N Steve French <smfrench@gmail.com> Reviewed-by: N Jeff Layton <jlayton@redhat.com>

SMB3 mounts fail with access denied to some servers
We were checking incorrectly if signatures were required to be sent, so were always sending signatures after the initial session establishment. For SMB3 mounts (vers=3.0) this was a problem because we were putting SMB2 signatures in SMB3 requests which would cause access denied on mount (the tree connection would fail). This might also be worth considering for stable (for 3.7), as the error message on mount (access denied) is confusing to users and there is no workaround if the server is configured to only support smb3.0. I am ok either way. CC: stable <stable@kernel.org> Signed-off-by: N Steve French <smfrench@gmail.com> Reviewed-by: N Jeff Layton <jlayton@redhat.com>
52c0f4ad · Steve French · 176c9b39 · 52c0f4ad
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

fs/cifs/smb2pdu.c fs/cifs/smb2pdu.c +1 -1

未找到文件。
--- a/fs/cifs/smb2pdu.c
+++ b/fs/cifs/smb2pdu.c
@@ -425,7 +425,7 @@ SMB2_negotiate(const unsigned int xid, struct cifs_ses *ses)
 	}

 	cFYI(1, "sec_flags 0x%x", sec_flags);
-	if (sec_flags & CIFSSEC_MUST_SIGN) {
+	if ((sec_flags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) {
 		cFYI(1, "Signing required");
 		if (!(server->sec_mode & (SMB2_NEGOTIATE_SIGNING_REQUIRED |
 		      SMB2_NEGOTIATE_SIGNING_ENABLED))) {